Welcome to your friendly /r/homelab, where techies and sysadmin from everywhere are welcome to share their labs, projects, builds, etc.
Setting up NGINX Proxy Manager
Hello everyone,
I am trying to setup my nginx reverse proxy manager on my homelab for local dns only. I have a few services running internally that use specific port numbers and I am trying to make it so I can access the web guis of those pages just by typing in the DNS entry. The furthest ive gotten is setting up the CNAME records on my internal DNS as well as making an entry in the proxy.
My question is: How do I get this to work the way I want it to, but also set up SSL on it so I can have a valid certificate on the device when it reverse proxies.
My other question is: Is NGINX the way to go for this or is there one that is easier?
Edit: Dont need to worry about the SSL side of things, just getting the reverse proxy to work now.
I was in your boat once. I wanted all my local *Arr pages to have a pretty green check that meant I was doing the right things.
If you want to have local SSL you need to have an internal CA or you need to expose your network to the internet. I don't bother doing either, since it makes me less safe to expose anything to the internet if I don't have to, and I don't need an internal CA for anything else I'm doing, and it would be SO much more work just to see a green check mark that effectively means almost nothing in this scenario.
If you want to expose your services to the internet, use Cloudflare tunnels (free SSL, more secure than exposing your NPM to the internet). If you do not want to expose any services to the internet... just set up NPM without SSL, and know that the rest of the homelabists are doing the same thing.
Thats what I was thinking too, I was going to set up a ADCS on my domain controller but I dont think at this point I really need it.
You can get a certificate with dns challenge instead of exposing local network.
This video should help
This helped a lot, thank you for this one
I got this setup with nginx proxy manager. I used a wildcard certificate via nginx proxy manager and the DNS challenge + cloudflare api. Worked like a charm.
Oh cool alright I can do that then, seems simple enough. My only issue is that my local DNS has my domain .local and not .com. Should that matter too much for doing this?